Librarium
Settings

McAfee SIEM Integration With McAfee ePO

elearninginfoit
elearninginfoitepo integration siemintegration epo siemmcafee epo integration with siemmcafee epo server integrationmcafee epo sql integration with siemmcafee integration siemmcafee intregation semmcafee siemmcafee siem integration with epo serversiem eposiem integration eposiem integration with mcafee epo server

Hi Guys Welcome to elearninginfoit my name is rajesh i just inform about this video only for Training ,Tutorials and Education purpose More information about this video so read this description you will get everything about it

McAfee ePolicy Orchestrator McAfee® ePolicy Orchestrator® (McAfee® ePO™) can be added as a device on McAfee ESM. McAfee ePO applications are listed as child data sources in the McAfee ESM device tree. Once authenticated as a device, you can access some McAfee ePO functions from the McAfee ESM. If you don't need this enhanced integration functionality, you can add McAfee ePO as a data source on a McAfee Event Receiver. Contents Configure the Database Server user account Configure the application server user account Differences in configuration options for ePolicy Orchestrator Add McAfee ePolicy Orchestrator as a data source Add McAfee ePolicy Orchestrator as a device Integrate McAfee ePolicy Orchestrator McAfee ePO device authentication problems Configure the Database Server user account This task applies to device options and data source configuration options. Both require a McAfee ePO database user account, which enables the McAfee Event Receiver to collect the data from the McAfee ePO database. 3 Configuring McAfee data sources McAfee ePolicy Orchestrator 34 McAfee Enterprise Security Manager Reference Guide Data Source Configuration Task 1 Log on to the McAfee ePO database server. 2 Start SQL Server Management Studio | Enterprise Manager. 3 Expand the Console Root node several times to view the items under the Security folder. 4 Right-click the Logins icon, then select New Login. 5 On the General page, do the following: a InLogin name, enter a user name (such as, epo) that the McAfee Event Receiver uses to connect to the McAfee ePO database. b Select SQL Server Authentication, then enter and confirm a password. c From the Default database menu, select the McAfee ePO database from the Database drop-down list. If you leave the Default database as master, the McAfee Event Receiver fails to pull events. 6 Select the User Mapping page. a Select the database where the user’s logon is mapped. b For Database role membership, select db_datareader. 7 Click OK to save. 8 Log off from the SQL Server Management Studio/Enterprise Manager. Configure the application server user account This task applies only to the device configuration option. The McAfee ESM user account must have rights that allow ESM to use enhanced integration features such as McAfee ePO tagging and actions, McAfee® Risk Advisor, and McAfee® Threat Intelligence Exchange (TIE). Task 1 Log on to the McAfee ePO console using an account with the appropriate rights. 2 Select Menu | Permission Sets | User Management. 3 Create a named group by selecting Actions | New, then click Save. 4 Add rights so that the McAfee ESM account works properly. With the new group selected, scroll down to Systems, then select Edit. 5 In Systems , select these options, then click Save. a For Actions, select Wake up agents, view Agent Activity Log. b For Tag use, select Apply, exclude, and clear tags. 6 To assign users to the group, in the User Management section, select Menu | Users. 7 Select New User and define these options: a Enter the New User name. b Set the Logon status to Enabled. Configuring McAfee data sources McAfee ePolicy Orchestrator 3 McAfee Enterprise Security Manager Reference Guide Data Source Configuration 35 c Set the Authentication type to ePO authentication and enter the password. d Set the Manually assigned permission sets to Selected permission sets and McAfee SIEM, then click Save.

facebook page : https://www.facebook.com/elearninginfoit

twitter page : https://twitter.com/RajeshS87398051

Google plus: https://plus.google.com/u/0/100036861860929870179

blogger page : https://elearninginfoit.blogspot.in

youtube page : https://www.youtube.com/elearninginfoit linkdin page : https://in.linkedin.com/in/rajesh-sharma-90537179

https://www.instagram.com/elearninginfoit/

https://www.pinterest.com/elearninginfoit

https://vimeo.com/user57285849

https://elearninginfoit.wordpress.com/

https://www.reddit.com/user/elearninginfoit

https://www.flickr.com/people/147609185@N04/

http://www.tumblr.com/liked/by/elearninginfoit ... https://www.youtube.com/watch?v=jMuvjiWGX54

2023-05-02
0.0 LBC
Copyrighted (contact publisher)

34096010 Bytes